Security

If you haven’t read anything about our newest web and mobile app timebomb.it, make sure to stop by Send Time Limited Secure Logins with timebomb.it. Lets take a look at the simple API we made so developers can use timebomb.it … Read more…

As a developer, your world might crumble without using FTP (File Transfer Protocol). Oh how we love our port 21, uploading and downloading everything in plain text. However, if you are at all worried about security and integrity of your … Read more…

Today we are going to talk about CSRF (or Cross Site Request Forgery), otherwise known as session riding, see-surf, and XRSF, and how to built a token system in Code Igniter to mitigate any potential attacks using CSRF. Read more…

Woah, application security and picking locks- sounds like the topic of lunchtime conversation at DEFCON. When it comes to exploitation, attacks, vulnerabilities, and mitigation techniques, security in any field is really all the same. Sometimes explaining web application security is difficult, but it seems when we match it with something more tangible, like the hard steel of locks, some sense comes to life. Lets start with a “hypothesis”, and then look at some worthy comparisons between 1′s & 0′s, and padlocks & handcuffs. Read more…

XSS, or Cross Site Scripting, is one of the biggest security risks that any web application developer or concerned client should have a good understanding of. XSS makes use of vulnerabilities in a website to inject [malicious] code. Websites are made up of many elements, including things like header information, HTML elements, and sometimes JavaScript elements. Read more…

It’s you. You (the human) are the weakest link. Especially when it comes to web application security. As developers, we must pay attention to application security as if our lives depend on it.. a simple 7-character MySQL injection can indeed ruin our day. Read more…